I-librarian » I, Librarian : Security Vulnerabilities, CVEs,

CVE-2019-11449

I, Librarian 4.10 has XSS via the notes.php notes parameter.
Max CVSS
6.1
EPSS Score
0.09%
Published
2019-04-22
Updated
2019-04-23

CVE-2019-11428

I, Librarian 4.10 has XSS via the export.php export_files parameter.
Max CVSS
6.1
EPSS Score
0.09%
Published
2019-04-22
Updated
2019-04-22

CVE-2019-11359

Cross-site scripting (XSS) vulnerability in display.php in I, Librarian 4.10 allows remote attackers to inject arbitrary web script or HTML via the project parameter.
Max CVSS
6.1
EPSS Score
0.13%
Published
2019-04-20
Updated
2019-04-22

CVE-2018-1000124

I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea.
Max CVSS
10.0
EPSS Score
0.25%
Published
2018-03-13
Updated
2018-04-13
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close